High resiliency network infrastructure

ABSTRACT

The invention provides a highly resilient network infrastructure that provides connectivity between a main network such as the Internet and a subnetwork such as a server-based (e.g., web server) local area network. In accordance with the invention, a network interface incorporated into a server hosting center provides a resilient architecture that achieves redundancy in each of three different layers of the Open System Interconnect (OSI) stack protocol (i.e., physical interface, data link, and network layers). For every network device that is active as a primary communication tool for a group of subnetworks, the same device is a backup for another group of subnetworks. Based on the same connection-oriented switching technology (e.g., asynchronous transfer mode (ATM)) found in high-speed, broadband Internet backbones such as that provided by InternetMCI, the network interface architecture provides a high degree of resiliency, reliability and scalability. In accordance with the invention, interface network routers which provide routing functionality and connectivity between the Internet backbone and the customer subnetworks are fully meshed with those deployed in the Internet backbone. Permanent virtual circuits (PVCs) providing a multitude of logical transmission paths between each hosting center router and every router in the Internet backbone, greatly reduces processing delays of data traffic through the infrastructure as only a single “hop” routing step is required between any external access point on the Internet backbone and a hosting center router.

BACKGROUND OF THE INVENTION

[0001] The invention relates to the field of communication networks.More specifically, the invention relates to improving resiliency,scalability, and efficiency in the infrastructure of a network.

[0002] The increased popularity of and reliance on the Internet has madethe Internet the ultimate computer network. Millions of users around theworld access the Internet for personal as well as business use daily.The Internet, however, is not really a specific network at all, butrather an amorphous mass of interconnected networks spanning the globewhile utilizing the same Internet Protocol (IP) to pass information fromone network to another. The networks making up the Internet aretypically arranged in groups of computers connected together to allowinformation to be transmitted to one another. Such groups are referredto as “local area networks (LAN).” The LAN medium is “connectionless,”i.e., users on the LAN exchange message information without buildingspecific connections to one another. LANs can be connected together toform a larger network (referred to as a “wide area network (WAN)”) thatmay have geographically spaced network members. LANs/WANs that areconnected to the Internet are often referred to as “subnetworks” or“subnets” of the Internet.

[0003] Communication networks and their operations can be describedaccording to the well-known Open Systems Interconnection (OSI) model(also referred to as the “OSI stack protocol”) developed by theInternational Organization for Standardization (ISO). Each of sevenlayers (i.e., application, presentation, session, transport, network,data link, and physical interface) of the OSI model performs a specificdata communications task that provides a service to and for the layerthat precedes it (e.g., the network layer provides a service for thetransport layer). The operation of the OSI model is often likened toplacing a letter in a series of envelopes before it is sent through thepostal system. Each succeeding envelope adds another layer of processingor overhead information necessary to process the transaction. Together,all the envelopes help make sure the letter gets to the right addressand that the message received is identical to the message sent. Once theentire package is received at its destination, the envelopes are openedone by one until the letter itself emerges exactly as written.

[0004] The ISO has specifically defined all seven layers, which aresummarized below in the order in which the data actually flows as itleaves its source:

[0005] *Layer 7, the application layer, provides for a user application(such as getting money from an automatic bank teller machine) tointerface with the OSI application layer. The OSI application layer hasa corresponding peer layer in another open system, e.g., the bank's hostcomputer.

[0006] *Layer 6, the presentation layer, makes sure the userinformation. (a request for $50 in cash to be debited from the user'schecking account) is in a format (i.e., syntax or sequence of ones andzeros) the destination open system can understand.

[0007] *Layer 5, the session layer, provides synchronization control ofdata between the open systems (i.e., makes sure the bit configurationsthat pass through layer 5 at the source are the same as those that passthrough layer 5 at the destination).

[0008] *Layer 4, the transport layer, ensures that an end-to-endconnection has been established between the two open systems and isreliable.

[0009] *Layer 3, the network layer, provides routing and relaying ofdata through the network (among other things, at layer 3, on theoutbound side, the “envelope” will be labeled with an “address” which isread by layer 3 at the destination).

[0010] *Layer 2, the data link layer, includes flow control of data asmessages pass down through this layer in one open system and up throughthe peer layer in the other open system.

[0011] *Layer 1, the physical interface layer, includes the ways inwhich data communications equipment is connected mechanically andelectrically, and the means by which data moves across those physicalconnections from layer 1 at the source to layer 1 at the destination.

[0012] Information transported from network to network on the Internetis done through a system called “packet switching.” All information thatis sent or received over the Internet is broken down or disassembledinto small portions (referred to as “packets”) in accordance with aprotocol known as “Transmission Control Protocol (TCP).” These packetsare labeled with address information specifying the destination of eachpacket, together with an indication of the order in which the packetsare to be reassembled at the intended destination. Internet “routers,”which join one network to another along the transmission paths of theInternet, are used as path finding devices charged with interpreting thepacket labels and determining the best transmission path for aparticular packet to take on route to the ultimate destination. On itsway to the ultimate destination, the packet will be processed bymultiple routers at various points of the Internet. The addressing androuting of the packets conforms with a protocol known as “InternetProtocol (IP).” According to the IP, each node of the Internet isprovided with a unique IP address having a specific length and format.

[0013] Each segment between routers is a point-to-point datatransmission referred to as a “hop.” Although one hop will typicallyinclude transmission over a communication line segment connecting onenetwork to another, often a hop will cause a packet to be passed throughone or more other network components such as repeaters, hubs, bridges,gateways and switches that are each used by a network to facilitate thetransmission of the packets through the network. A repeater, forexample, is used to amplify the packet data to extend the distance inwhich the packet can travel. Repeaters are often found in the dedicatedbroadband telecommunications connection known as a “backbone,” such asthe Internet backbone provided by MCI. (A backbone network (referredherein simply as “backbone”) is a “transit” network often made up oflong-distance telephone trunk lines and other wired and wireless linkssuch as microwave and satellite links for use in transmitting largeamounts of data simultaneously between host computer systems connectedto the Internet. Normal communicated data typically neither originatesnor terminates in a backbone network.) A hub is used to tie individualor groups of computers together, controlling the order in which thecomputers can transmit information to one another. Bridges link LANstogether, allowing data designated for one LAN to pass through from oneto another. Gateways work like bridges, but also translate data betweenone network type to another. A switch establishes a connection betweendisparate transmission path segments in a network (or between networks).A router, which is essentially an intelligent bridge, can be used tocontrol the various path segments connected by a switch based on thedestination information contained in the label of a given packet.

[0014] Once the transmitted packets arrive at the ultimate destination,the packets are reassembled in proper order by a local server andforwarded to one or more local computers. As with the computer systemtransmitting the original data packets, the local server is typicallyconnected to the local computers (or terminals) using a direct LAN line,modem dial up, or other well-known connection. As used herein, anycomputer that is assigned an IP address and connected to the Internet isreferred to as a “host.” Generally, two types of hosts are present in asystem: “server hosts,” which provide services (e.g., web site, e-mail,file access, etc.) to remote computers and terminals; and “clienthosts,” which only access services on the Internet provided by serverhosts.

[0015] Users whose computers and networks are not directly connected tothe Internet typically gain access to the Internet through InternetAccess Providers (IAPs), Internet Service Providers (ISPs), and OnlineService Providers (OSPs) such as Internet MCI. The IAPs, ISPs, and OSPswill collectively be referred to herein as “Internet providers.”Internet providers must utilize interface architecture to provideInternet connectivity to their customer users who desire a presence onthe Internet. One such known interface architecture is shown in FIG. 4.As shown in dashed outline, hosting center 310 provides the hostingarchitecture needed to supply customer networks (i.e., “subnetworks” or“subnets”) 28 a with connectivity to the Internet (represented byInternet backbone 200).

[0016] Each customer subnet 28 a represents, for example, a LAN (usingan Ethernet transmission protocol) and web site server used to supplythe content of the customer's web site as hosted by the Internetprovider. Customer subnet routers 36 a-36 e provide connectivity betweenthe customer subnetworks 28 a and the hosting center 310. Informationsignals to be sent to the Internet from web site servers in the customersubnets 28 a are received by the customer subnet routers 36 a-36 e andconverted into the appropriate packets in accordance with the well-knownTCP/IP standards required for Internet transmission. The customer subnetrouters 36 a-36 e determine the best path through one of the dual-ringfiber distributed data interface (FDDI) fiber optic networks 34 a, 34 b(reaching access speeds of 100 Mbs (simplex) per ring) and one of theborder routers 32 a, 32 b. For each data packet routed to border router32 a, border router 32 a determines which one of two data service level3 (DS-3) communication links (30 a, 30 b), which provide simplex datarates as high as 44.736 Mbps, is the best route to select in order toforward the data packet on its way towards its addressed destination.Similarly, border router 32 b determines which one of DS-3 links 30 c,30 d is to be selected for data packets border router 32 b receives fromFDDIs 34 a, 34 b.

[0017] As the world population increases its computer literacy, theability to exchange ideas, expressions and discoveries hinges upon theability of computers and computer systems to interconnect with oneanother. The recent explosion in usage of the Internet, particularly,the world wide web, as well as the increase in complex,processor-intensive applications intended for use on the Internet, hasplaced unprecedented demand on computer systems to increase inreliability, capacity and speed. The known interface architecture shownin FIG. 4, for example, was limited to 180 Mbs simplex communicationsbetween the border routers 32 a, 32 b and the Internet backbone 200, andto 200 Mbs around the FDDI networks 34 a, 34 b. In addition, thearchitecture is based on two shared physical link protocols: Ethernetand FDDI. As a result, computers and terminals on the Ethernet LAN androuters on the FDDI share a single physical link having a fixedbandwidth. The disadvantage of such protocols is that the addition ofmore stations on the link reduces the average bandwidth available toeach station on the link. Adding customer subnets and routers to satisfyincrease in usage, therefore, only adds to the bottlenecks created bythe insufficient scalability (i.e., ability to provide adequatesolutions with increase in size) of the interface architecture in thehosting center 310.

[0018] In addition, the single communication link connecting customersubnet routers 36 c and 36 d, and the single link between router 36 dand 36 e presents many single points of failure for customers attachedto routers 36 d and 36 e. The failure along the transmission pathbetween customer subnet routers 36 c and 36 e would be catastrophic forat least some of these customers. Moreover, because the Ethernetsegments connecting the components in the interface architecture must bebridged together in a loop-free topology, redundant paths cannot becreated between bridged Ethernet segments. As a result, additionalsingle points of failure of any one of these components in the hostingcenter 310 would require human intervention to reconfigure the remainingcomponents to bypass the failed component. The lack of resiliencyinherent in this architecture contributed to Internet blackouts andslowdowns that occurred often and added delay for data packets to reachtheir destinations to and from the hosting center.

SUMMARY OF THE INVENTION

[0019] The invention provides a highly resilient network infrastructurethat provides connectivity between a main network such as the Internetand a subnetwork such as a server-based (e.g., web server) local areanetwork. In accordance with the invention, a network interfaceincorporated into a server hosting center provides a resilientarchitecture that achieves redundancy in each of three different layersof the Open System Interconnect (OSI) stack protocol (i.e., physicalinterface, data link, and network layers). For every network device thatis active as a primary communication tool for a group of subnetworks,the same device is a backup for another group of subnetworks. Based onthe same connection-oriented switching technology (e.g., asynchronoustransfer mode (ATM)) found in high-speed, broadband Internet backbonessuch as that provided by InternetMCI, the network interface architectureprovides a high degree of resiliency, reliability and scalability.

[0020] In accordance with the invention, interface network routers whichprovide routing functionality and connectivity between the Internetbackbone and the customer subnetworks are fully meshed with thosedeployed in the Internet backbone. Permanent virtual circuits (PVCs)providing a multitude of logical transmission paths between each hostingcenter router and every router in the Internet backbone, greatly reducesprocessing delays of data traffic through the infrastructure as only asingle “hop” routing step is required between any external access pointon the Internet backbone and a hosting center router.

BRIEF DESCRIPTION OF THE DRAWINGS

[0021]FIG. 1a illustrates the physical interface layer of a networkarchitecture in accordance with a preferred embodiment of the invention;

[0022]FIG. 1b illustrates the data link layer of a network architecturein accordance with the preferred embodiment of the invention shown inFIG. 1a;

[0023]FIG. 1c illustrates the network layer of a network architecture inaccordance with the preferred embodiment of the invention shown in FIG.1a;

[0024]FIGS. 2a and 2 b illustrate a network architecture in accordancewith further preferred embodiments of the invention connectingperipheral customer subnetworks to the Internet backbone;

[0025]FIG. 3 illustrates the test environment in accordance with apreferred embodiment of the invention;

[0026]FIG. 4 illustrates a known network architecture for connectingcustomer subnetworks to an Internet backbone; and

[0027]FIG. 5 illustrates multiple customer connections to the samerouters and the potential problem which can exist due to load balancedtransmissions.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

[0028] The invention will be described in detail with reference to thepreferred embodiments illustrated in FIGS. 1a, 1 b, 1 c, 2 a, 2 b, and3. The invention is described herein in its preferred application to ahosting network infrastructure that provides hosting services tocustomer subnetworks to allow the subnetworks to transfer information toand from an Internet backbone network. However, the invention may beapplicable to any type or configuration of communications network thatprovides connectivity between a subnetwork and a main network.

[0029] As shown in FIG. 1a, in accordance with a preferred embodiment ofthe invention, a hosting center 210 provides a highly resilient,redundant, and scaleable infrastructure supplying connectivity between acustomer (via customer subnetwork 28 a) and the Internet (via Internetbackbone 200). In the preferred embodiment, the customer subnetworks 28a may be LANs having local servers for one or more of a variety ofapplications, including web server, POP3 mail server, ftp server,audio/video server (for streaming or other audio/video feeds),intranet/extranet server, or any other application server known in theart.

[0030] Because of the prevalent use of Ethernet protocol throughout theart, customer subnetworks 28 a are shown in their preferred embodimentsas being connected to the hosting center 210 using 10Base-T or 100Base-TEthernet communication links 9, 10, 13, 14. Any other known networkingor other signaling transmission protocol may be utilized, however. Thesecommunication links are received on input ports of known edge devices.In the preferred embodiment, such edge devices, as catalyst switches 16a, 16 b, are used and are preferably off-the-shelf versions of thecommercially available Catalyst 5000 Multilayer Switching Systems seriesmade by Cisco Systems, Inc. such as the Catalyst 5500 (or any equivalentswitching system consistent with the functions described herein).Catalyst switches 16 a, 16 b facilitate migration of the Ethernet LANused by the customer subnetworks 28 a to an asynchronous transfer mode(ATM)-based switched network that is at the core of the hosting centerarchitecture 210.

[0031] ATM switching technology makes it possible to convert all types(e.g., Ethernet, Token Ring, etc.) of information to the same fixedinformation (referred to as a “cell”), and to transmit the fixedinformation at high speeds, irrespective of whether the information iscontinuous information such as streaming audio/video, or burstinformation such as data, and irrespective of the underlying data ratesof the information. The ATM cell has a fixed length of 53 bytes,partitioned into a 5-byte header and a 48-byte information field (alsoknown as “the payload”). One of the functions of the cell header is toassist in routing the ATM cell from one point in the network to anotherthrough one or more switching nodes. In particular, the header isessential in the process of identification of a virtual connection. Theterms “virtual connection” and “virtual circuit” as used herein aredefined to mean a communication channel that may include one or moreinterconnected virtual connection segments. Each “virtual connectionsegment” is a data channel or control channel that traverses one linkbetween two neighboring nodes or one link between a host and node, whilea connection or virtual connection (VC) is a communication channel thattravels through numerous links and their connecting nodes. A“connection” is established or represented by a set of one or morevirtual connection identifiers (VCIs) stored in the VC tables of thenodes along the connection path.

[0032] The routing information within the ATM cell is contained withintwo fields: a virtual path identifier (VPI) identifying the virtual pathdesignated for the particular ATM cell; and a virtual channel identifier(VCI) identifying the virtual channel in the virtual path designated forthe ATM cell. Based on the VPI/VCI information in the header, a cell isrouted from an input port of the switch to the appropriate output portand onward along the designated path to the next network module(typically, another ATM switch). During a typical operation.(e.g.,placement of a telephone call) of an ATM-switched network, a processknown as “call setup” is performed. This call setup process involves adetermination of the best path through the network for transmission ofcells carrying voice/data information for the call. Once this path isselected, all of the ATM switches located along the selected path areupdated to allocate input/output ports (identified by VPI/VCI data) tocorrespond to the selected path. When the call is in progress and cellscarrying voice/data information for the call are transmitted through thenetwork, the VPI/VCI header information contained in the cells willcause each such ATM switch along the selected path to make theappropriate connections consistent with the virtual path selected duringcall setup. After the call is completed, a process known as “call teardown” will update the ATM switches to remove the selected virtual pathin order for a new call setup process to utilize one or more of the ATMtransmission segments previously allocated to the selected path inmaking a new path selection.

[0033] ATM is relied upon in the invention because it facilitatestransmission of data packets on a broadband network such as the Internetbackbone, as it transmits its cells asynchronously between sending andreceiving stations without the need for synchronization, and can beprocessed by switching, routing, and other basic network componentsquickly.

[0034] The catalyst switches 16 a, 16 b operate in a LAN Emulation(LANE) protocol to transparently run each customer's subnetwork EthernetLAN applications over the ATM switched network of the invention. TheLANE protocol is a layer 2 (i.e., “data link layer” of the OSI standardstack) bridging protocol that causes the ATM-based interfacearchitecture making up the remainder of the resilient interfaceinfrastructure (described in detail below) of hosting center 210 toappear to higher-layer (i.e., layers 3-7) protocols and applications asa connectionless Ethernet LAN segment. The catalyst switches 16 a, 16 bthus permit customers employing Ethernet (or Token Ring) LANs in theirsubnetworks 28 a to reap the advantages of an ATM-based networkarchitecture without obviating their investments in older LAN hardware,software, and other various network components.

[0035] Each customer subnetwork 28 a will be assigned its own data linklayer broadcast domain having a single IP subnet. To create singlebroadcast domains for each customer, virtual LANs (VLANs) are used onthe catalyst switches 16 a, 16 b in well-known fashion. By creatingindividual broadcast domains, multiple VLANs may be run over onephysical connection. The ATM devices in the hosting center utilize LANEto provide trunk connections between ATM switches 24 a, 24 b and routers22 a, 22 b. LANE allows the consolidation of multiple customers onto onephysical router interface by creating separate Emulated LANs (ELANs) foreach customer. This results in creation of a one-to-one correspondencebetween customers, broadcast domains, VLANs, ELANs, and IP subnets.

[0036] In its implementation, the LANE services are provided by threesoftware modules: LAN Emulation Configuration Server (LECS); LANEmulation Server (LES); and the Broadcast and Unknown Server (BUS). OneLECS will be designated for controlling operation of the LANE servicesfor the entire ATM network, while a LES/BUS pair will be assigned foreach ELAN configured in the hosting center. All three modules, however,are preferably stored in multiple places and maintained in “hot-standby”for redundancy purposes. A protocol known as the “simple serverredundancy protocol (SSRP)” by Cisco Systems is employed by the catalystswitches 16 a, 16 b to control the use of the redundant LANE servicesmodules.

[0037] For customers who require additional security, catalyst switches16 a, 16 b may both be connected to an individual customer throughmutually redundant connections, as shown by redundant communicationlinks 11 and 12 respectively connected to Blue and Green customersubnetworks 28 a in FIG. 1a. Catalyst switches 16 a, 16 b connected inthis fashion perform a “Spanning Tree Protocol” that is used toeliminate the catalyst switch as a single point of failure. As is wellknown in the art, the Spanning Tree Protocol allows the creation ofredundant paths between Ethernet segments by creating a loop-freetopology for a given broadcast domain. In particular, all bridges withinthe broadcast domain exchange topology information using the SpanningTree Protocol. Based on this information, certain bridge ports are thenput into a “blocking” mode. These ports essentially become “hot-standby”connections (i.e., physical connections identified but not active untila failure along the “primary” path occurs). FIG. 1b illustrates theconnections between the customer subnets 28 a and the catalyst switches16 a, 16 b as viewed from the OSI data link layer 2 level.

[0038] As a result of the Spanning Tree Protocol, in this example,communication links 10 and 13 are designated as the “primary”connections to the Blue and Green customer subnetworks, respectively, asshown by the solid lines connecting the customer subnets to the catalystswitches 16 a, 16 b in FIGS. 1a, 1 b. The connections formed bycommunication links 11 and 12 are “blocked,” i.e., connections areotherwise available for transporting data signals, but remaininactivate, as shown by the dashed lines in FIGS. 1a, 1 b. If, however,the “primary” catalyst switch 16 a or 16 b fails or otherwise losesconnectivity with the customer subnet, the other catalyst switch willbegin converting and forwarding data packets for that customer network28 a in lieu of the failed catalyst switch.

[0039] Assuming that both catalyst switches 16 a, 16 b are functional,the catalyst switches are respectively coupled to ATM switches 24 a, 24b (FIG. 1a) through communication links 5 and 8, which in this exemplaryembodiment are ATM optical connection level 3 (OC-3) fiber optic linkshaving signaling rates of approximately 155 Mbps. Any other knowntransmission links may also be used such as T1, OC-12, OC-192, etc. Inthe preferred embodiment, ATM switches 24 a, 24 b may be off-the-shelfversions of the commercially available ForeRunner™ series of ATMbackbone switches made by FORE Systems such as the ASX-200BX or ASX-1000ATM switches or other known functionally equivalent equipment. ATMswitches 24 a, 24 b selectively establish connections between ATMcommunication links 5, 8 and ATM communication links 1, 2, respectively.

[0040] In the preferred embodiment, additional redundant communicationlinks (ATM OC-3) 6 and 7 are respectively provided to connect catalystswitch 16 a with ATM switch 24 b, and to connect catalyst switch 16 bwith ATM switch 24 a, thereby making ATM switches 24 a, 24 b mutuallyredundant. In the event, for example, catalyst switch 16 a detects afailure of ATM switch 24 a, or otherwise detects a loss of connectivitythrough communication link 5, catalyst switch 16 a will remove link 5 asits primary communication link with the ATM architecture and designatecommunication link 7 as its new primary link. Similarly, catalyst switch16 b, upon detecting that ATM switch 24 b or original primarycommunication link 8 has failed, will begin relying on communicationlink 6 as its primary network link.

[0041] ATM switches 24 a and 24 b receive, in the ATM cell format, thetransmitted data packets from catalyst switches 16 a, 16 b. Based on theVPI/VCI data in the cell headers of the packets received data, ATMswitches 24 a, 24 b will establish connectivity to the appropriate oneof ATM OC-3 communication links 1, 2. As shown by dashed communicationlinks 3, 4, ATM switches 24 a, 24 b are redundantly connected to oneanother to maintain some lines of connectivity in the event one of theATM switches 24 a, 24 b fails (as will be discussed in detail below withrespect to routers 22 a, 22 b). For example, in the event that link 1fails, any traffic input through communication link 5 (or backup link 6)is re-routed through link 3 to ATM switch 24 b. Similarly, failure ofATM switch 24 b will cause traffic input to ATM switch 24 b via link 8will be rerouted to ATM switch 24 a through link 6.

[0042] At the receiving end of communication links 1, 2 (FIG. 1a) areinterface routers 22 a, 22 b, respectively, which are themselvesconnected to Internet backbone 200 via OC-3 links 20 a, 20 b,respectively. Preferably, interface routers are off-the-shelf versionsof the 7500 Advanced Router System series of routers by Cisco Systemssuch as the Cisco 7513 router. Interface routers 22 a, 22 b determine,for each ATM cell received, the best transmission path from the hostingcenter 210 to an external access point (e.g., border routers 17 a, 17 b)connecting the Internet backbone 200 with an external network. Forexample, the external network may, be another Internet backbone (e.g.,Sprint backbone), a host computer, an intranet LAN, or any other knownnetwork, device or apparatus connected to one of the border routers 17a, 17 b that is intended to receive Internet traffic. In the preferredembodiment, a “shortest exit” protocol is employed throughout theinfrastructure in attempting to select the path that provides theshortest, fastest, and least congested transmission path to the ultimatedestination (e.g., external access point) that may be available at thetime of transmission. In particular, within the hosting architecture210, the well-known “enhanced interior gateway redundancy protocol(EIGRP)” is performed to select the “shortest exit” path from a givenone of customer subnets 28 a through one of the possible communicationlinks (e.g., one of two OC-3 links 1, 2) to Internet backbone 200. Asimilar protocol known as the. “border gateway protocol (BGP)” isperformed in the Internet backbone 200 when determining which one of thepossible communication links between the Internet backbone 200 andhosting center 210 is to be selected based on a given external entrypoint to the Internet backbone 200 (e.g., one of external access points17 a, 17 b). As should be readily apparent, however, any other suitableprotocol used in the art may be applicable.

[0043] Although interface router 22 a is shown physically connected toonly one of the ATM switches (i.e., switch 24 a) through a singlecommunication line 1, a layer 3 routing redundancy is provided in theevent router 22 a or line 1 should fail. Both routers 22 a, 22 b employa protocol known as “hot standby routing protocol (HSRP),” which allowsrouter 22 b to monitor the activity of router 22 a and take over itsresponsibilities in the event router 22 a or link 1 fails. (Router 22 aperforms the same redundancy service for router 22 b using HSRP.) Thetwo routers 22 a, 22 b are thus considered mutually redundant. Inoperation, HSRP creates a “virtual default gateway” by sharing a singleIP address between routers 22 a, 22 b. As viewed by certain ones ofcustomer subnets 28 a (e.g., Red and Blue customer subnets), router 22 ais designated as an “active” router, while router 22 b is designated asthe “standby” router. In this example, the Red and Blue customer subnets28 a store the single IP address mutually assigned to routers 22 a, 22 bas its “default router.” Because HSRP allows both routers 22 a, 22 b toshare the same IP address, there is no need to reconfigure the Red andBlue customer subnets 28 a in the event router 22 b must take over asthe “active” router. For other customer subnets 28 a (e.g., Green andBrown customer subnets), router 22 b is designated as the “active”router, while router 22 a is the “standby” router. Thus, on the networklayer 3 level, the shared IP address makes routers 22 a, 22 b appear asa single virtual router 22 a′, as shown in FIG. 1c. A different sharedIP address designated for use by other customer subnets (e.g., Green andBrown customer subnets 28 a), make routers 22 a, 22 b appear on thenetwork layer 3 level as virtual router 22 b′.

[0044] In accordance with the invention, a “one hop” routing protocol isprovided to significantly eliminate most of the delay inherent inconventionally routing the transmitted data packets from the customer'ssubnetwork through the Internet backbone 200. Interface routers 22 a, 22b and ATM switches 24 a, 24 b employed in the network architecture ofthe invention are “fully meshed” (i.e., in a state of completeconnectivity) with all the routers (e.g., 17 a, 17 b, 19 a, 19 b) andall the ATM switches (e.g., 18 a, 18 b, 18 c) in the Internet backbone200. Thus, in accordance with the invention, interface routers 22 a, 22b are each fully connected to each and every router in the Internetbackbone 200. This complete connectivity is provided through preassignedlogical transmission paths (known as “permanent virtual circuits(PVCs)”) utilizing various transmission segments along a routeconnecting each interface router 22 a, 22 b in hosting center 210 toeach router in the Internet backbone 220.

[0045] The PVCs are composed of one or more ATM transmission pathsegments (e.g., communication lines between switches, routers, or othernodes in the network) whose connections through ATM switches arepreassigned during configuration of the infrastructure. Instead ofallocating the switch connections during a “call setup” process, asdiscussed above, the switch connections provided through the ATMswitches are fixed permanently (at least until all or part of theinfrastructure is reconfigured).

[0046] Because, in accordance with the invention, each router in thehosting center 210, as well as in the Internet backbone 200, stores arecord of the paths formed by the preassigned PVCs in the network, themost appropriate logical transmission path from one interface router 22a, 22 b to a router on an external access point (e.g., 17 a, 17 b) ofthe Internet backbone 200 can be selected and the data packettransferred in “one hop” with only a single routing process beingperformed. As should be readily apparent, the routing of data packets inthe routers of the network is a layer 3 (OSI) process. Although only asingle routing step is necessary, the transmission of the data packet (aphysical layer 1 process) may require transfer through a number ofdifferent ATM switches and transmission links between the interfacerouters 22 a, 22 b and the border routers 17 a, 17 b.

[0047] In accordance with another preferred embodiment of the invention,the hosting center architecture described above may be deployed inconjunction with existing hosting architecture, whether or not theexisting architecture is ATM-based. Often an Internet provider who hasinvested considerable capital and other resources in installing andmaintaining its existing hosting architecture may be reluctant toperform a complete tear down and replacement with the ATM-basedarchitecture described above; instead, opting for a transition period inwhich both the original and new architecture could be utilizedsimultaneously. In accordance with this embodiment of the invention, thehosting center 210 can be extended to incorporate the existingarchitecture 310, as shown in FIG. 2a.

[0048] In the case where the existing architecture 310 is based on a“connectionless” technology such as FDDI and the new architecture 210 isbased on a “connection-oriented” technology such as ATM, extension orgateway-type routers 38 a, 38 b must be provided to ensure the propertransmission of data packets between the different data link layerprotocols. These gateway-type routers 38 a, 38 b may also be implementedby the 7500 Advanced Router System series of routers by Cisco Systemssuch as the Cisco 7507 or Cisco 7513 routers. The amount of traffic thatwill be transferred between hosting centers 210 and 310 is preferablyheld to a minimum by restricting the types of services offered bycustomer subnets 28 c to those that can be hosted on the FDDIarchitecture 310. As noted previously, FDDI architecture 310 lackedadequate reliability, scalability and processing speed to support theincreasing population of web servers and other bandwidth intensiveapplication servers. The FDDI architecture 310, however, may be suitablefor Net News servers, Mail servers, or other servers whose populationincrease is slower and whose traffic can be more easily supported by thebandwidth limited FDDI shared network and DS-3 connections to theInternet backbone 200. Hosting services for customer subnets 28 a, 28 bhaving web servers, intranet servers, and other customer applicationservers which require high reliability, resiliency, scalability andminimal delay is better served by the ATM-based architecture 210. (FIG.2a illustrates another embodiment of the invention that permitsinterface routers 22 a, 22 b to perform the customer subnet routerfunctions of catalyst switches 16 a, 16 b, as well as its normal borderrouting functions. Such an implementation, of course, may requireadditional processing power to achieve the desired results.)

[0049] In a further embodiment of the invention (shown in FIG. 2b), theFDDI architecture 310 can be completely replaced by reconfiguring theborder routers 32 a, 32 b (FIG. 2a) into interface routers 32 a′, 32 b′(FIG. 2b) connected to ATM switches 24 a, 24 b. As such, reconfiguredinterface routers 32 a′, 32 b′ provide “one hop” routing over the fourDS-3 communication links connecting the hosting center 210 to theInternet backbone 200. Customer routers 36 a, 36 b (FIG. 2a) can bereplaced by catalyst switches 16 c, 16 d (FIG. 2b) used to convert theformat/protocol of the traffic generated by (or for) Net News (or otherlike) server-based customer subnetworks 28 c into (from) the trafficformat/protocol used in the ATM switched architecture in the hostingcenter 210. Frame relay router 16 e, which may be an off-the-shelfversion of the commercially available 7500 Advanced Router System seriesof routers by Cisco Systems such as the Cisco 7513 router, can also beadded to provide support for an independent OC-3 connection to a framerelay-based private network such as those commercially available fromMCI. Such private networks are often required of frame relay customersubnets 28 b that desire more secure intranet, extranet, or other largewide area network services.

[0050] Prior to going “on-line” with any new network infrastructure,various tests of the new network must be performed to ensureworkability, connectivity, reliability, etc. In accordance with anotherpreferred embodiment of the invention, a test environment may be createdin order to verify deployment of a network infrastructure such as thatdepicted in FIG. 1a. In accordance with this embodiment, the productioncomponents (e.g., Catalyst 5500 switch, Cisco 7513 router, etc.) thatwill be used in the final version of the hosting center networkinfrastructure should be used in testing the viability of the networkdesign and configuration. However, in practice, new networkinfrastructure designs are typically deployed using (at least in part)existing hardware and software. In such cases, it is not practical to“take down” the existing network in order to determine if the plannednew infrastructure will successfully replace the existing network. Forthis reason, functionally equivalent components may suffice to simulatethe components that will ultimately be used in the productionimplementation of the planned network.

[0051] For illustration purposes, therefore, the deployment of the testarchitecture shown in FIG. 3 is made to approximate the preferredcomponents used in the network infrastructure illustrated in FIG. 1a.For example, the test architecture utilizes as part of hosting center 43two ATM switches 46 a, 46 b represented by a FORE Systems LE155 and aFORE Systems ASX1000, respectively. Catalyst switches 42 a, 42 b arerepresented by two Cisco Catalyst 5500 switches with ATM LANE interfacemodules. Border or interface routers 49 a, 49 b are represented by twoCisco 7507 routers. (The routers 49 a, 49 b need not be identical inconfiguration. In this example, router 49 a contains one ATM interfaceprocessor (AIP), while router 49 b contains one versatile interfaceprocessor (VIP) with ATM-Lite port adapter.) To simulate client requestsfrom the Internet backbone, a third interface router 49 c is provided toemulate the functionality of a border router using a Cisco AdvancedGateway Server Plus (AGS+) router. In this preferred embodiment, allthree interface routers 49 a, 49 b, 49 c communicate through EIGRP. (Aswith the other commercial components enumerated herein, it should bewell understood that the above stated manufacturers and part numbers caneasily be replaced by others that will provide equivalent services andfunctionality within the test environment.)

[0052] In this embodiment, the fully meshed ATM PVCs of the hostingcenter (used in the embodiment of FIG. 1a) can be emulated using asingle ATM emulated local area network (ELAN) running LAN Emulation(LANE) protocol. The LANE services protocol software used may be run oncatalyst switches 42 a, 42 b, on ATM switches 46 a, 46 b, on routers 49a-49 c, or even on dedicated processing units such as the two FORE ASN9000 nodes 51, 53 shown in FIG. 3. The LANE services must be provided ina redundant capacity. Any one of a number of known technologies may beused to provide the LANE services in this manner. The “Simple ServerRedundancy Protocol (SSRP)” provided by Cisco Systems or the“Distributed LAN Emulation (DLE)” by Fore Systems are typical examplesof such technologies. Using SSRP, one active LES/BUS pair per ELAN ismaintained while other LES/BUSs for the same ELAN are in a backup state.The SSRP maintains a virtual connection (VC) to each LES/BUS, therefore,Cisco's LAN Emulation Clients (LECS) implementation is able to determinewhich LES/BUSs are functioning and, as a result, directs all LECs to thefunctioning LES/BUS in the order of highest priority. Using DLE,multiple active LES/BUS pairs for a single ELAN can be maintained. LECswill be connected to the “closest” LES/BUS. The multiple LES/BUS pairsshare traffic by maintaining several point to multi-point VCs betweeneach other. In the event of a LES/BUS failure, any LECs attached to thatLES/BUS will rejoin the ELAN and be connected to the “closest”functioning LES/BUS.

[0053] Laptop 55 emulates a client connecting to the customer serversfrom the Internet. It is shown interfaced with border router 49 c. Tosimulate a multiple customer load environment, a number (e.g., thirtythree) of ELANS can be established. Routers 49 a, 49 b and catalystswitch 42 a can be configured to be LAN Emulation clients on all theELANS, although the exact location of the software is not critical.

[0054] To emulate customer server connections, one or more workstationscan be connected to one or both catalyst switches 42 a, 42 b. In thisexample, two Sun Microsystems SPARC Ultra 1 units 40 a, 40 b areprovided. In particular, in order to emulate a dual connected customerserver, SPARC station 40 a is shown attached to both catalyst switches42 a, 42 b through a 10 Mb ethernet hub 50. In order to emulate a singleconnection, SPARC station 40 b is attached directly to catalyst switch42 a. It should be understood that any processor-based system may besubstituted for the aforementioned SPARC stations for purposes ofemulating a customer connection.

[0055] In the preferred embodiment, the LANE services were run oncatalyst switches 42 a, 42 b. LANE services run on the catalyst switches42 a, 42 b may make use of the fault tolerance and redundancy offered bythe dual-PHY ATM LANE module found within each catalyst switch 42 a, 42b, which provides an extra measure of security in the infrastructure.This extra security, however, often requires that the ATM NetworkService Access Point (NSAP) address of the catalyst switch does notchange when it fails over to the redundant PHY connection. In order toaccomplish this, the ATM switch ports, to which the catalyst isattached, must be specially configured. Specifically, the NSAP prefixconfigured for the catalyst's secondary PHY must match the NSAP prefixconfigured for the catalyst's primary PHY.

[0056] In accordance with a preferred embodiment of the invention, theinterface routers 49 a, 49 b, of FIG. 3, employ the redundancy protocolHSRP. The standby priority on each sub-interface is preferably set toensure that only half of the sub-interfaces on each router 49 a, 49 bare active. The Spanning Tree Protocol performed on the catalystswitches may require that the active catalyst (e.g., catalyst switch 42b) for a given VLAN should be set to a priority of 100 to ensure italways becomes the root bridge for that VLAN. Additionally, the backupcatalyst (e.g., catalyst switch 42 a) should be set to a priority of 200to ensure it always becomes the root bridge in the event of a failure ofthe active catalyst switch. The root bridge can be forced in any numberof known ways such as using the “set spantree priority” command for eachVLAN.

[0057] With reference to FIG. 5, in accordance with the preferredembodiment of the invention, each customer network is attached to atleast two different customer routers 501 a, 501 b for redundancy. Onepotential problem associated with this infrastructure is as informationtravels from, for example, customer network 505 to customer network 510,the information will be load balanced across all available paths. Theload balancing will include the dual connected customer network 515. Asis readily apparent, this practice would take away from the bandwidthavailable to customer network 515, and could potentially presentsecurity problems.

[0058] An acceptable method to avoid this problem is to adjust the EIGRPmetrics to ensure that traffic between customer networks (e.g., 505 and510) will be routed only through the backbone 500 a, 500 b. Inaccordance with the invention, the metrics can be properly adjusted byuse of the “bandwidth” interface command on each customer ATM LANEsub-interface. After configuring the test environment in accordance withthe discussion above, the following procedure may be implemented to testthe resiliency of the network infrastructure in FIG. 3. Essentially, theresiliency is tested through systematically failing each portion of thetest environment, particularly, by introducing various fault conditions.These fault conditions could be in the form of removed connections,disabled supervisor modules, power failures, or any other parametersneeded to evaluate performance of a given infrastructure design.

[0059] During this process, the client-server connection between thehost center infrastructure and the BIPP 48 should be simulated. Forexample, a test signal (e.g., continuous signal) can be run from laptop55 to one of the emulated customer server stations (e.g., SPARC station40 a). As each fault condition is introduced and corrected in thenetwork, the time delay for the test signal to once again be received atthe SPARC station 40 a can be used to quantify the resiliency of theinfrastructure. An exemplary testing procedure is provided below.

[0060] As a first step in the procedure, cable 7, connecting the hub 50to the secondary catalyst 42 a is removed. No down time should beexperienced since cable 7 is not in the active path. Cable 7 is thenreconnected to secondary catalyst 42 a. Cable 6, connecting the hub 50with the primary catalyst 42 b, is then removed. A limited period oftime (e.g., 45 seconds) will be needed for system recovery time torestore the signal to station 40 a. Cable 6 is then restored to itsoriginal position. Next, the running supervisor module in the primarycatalyst 42 b is removed in order to test redundancy of the dualsupervisor modules. A limited period of time for recovery (e.g., 2minutes).should be allotted. The first supervisor module of the previousstep is then restored. Next, the second supervisor module of catalyst 42b is removed to cause the original supervisor module to again become therunning module. After recovery is made, the second supervisor module ofcatalyst 42 b is then re-inserted.

[0061] The test method of the invention now turns to secondary catalyst42 a, where cable 5, the primary connection between catalyst switch 42 aand ATM switch 46 b, is removed. No downtime is experienced becausecable 5 is not in the active path. Cable 5 is then restored to itsoriginal connection. Next, cable 3, the redundant connection between ATMswitch 46 a and the primary catalyst 42 b, is removed. No downtime isexperienced. Cable 3 is then restored to its original connection. Next,cable 4, the primary connection between ATM switch 46 b and primarycatalyst 42 b, is removed. After recovery, cable 4 is then restored toits original position. Next, redundant cable 3 is again removed so as tocause the primary PHY ATM LANE module, within catalyst 42 b, to againbecome active.

[0062] The next scheduled test parameter is a power failure of thesecondary catalyst 42 a. It should be noted, however, that no downtimeis expected from such a power failure of catalyst 42 a.

[0063] Next, a failure of one of the dual power supplies within primarycatalyst 42 b is introduced into the FIG. 3 test environment. Nodowntime is experienced since catalyst 42 b continues to operate usingonly one power supply. Next, a failure of both power supplies within theprimary catalyst 42 b is introduced. A recovery time, (e.g., 1 minute)is experienced while the Spanning Tree Protocol, routing, LECS, LES/BUS,and HSRP converge upon the secondary catalyst 42 a. Next, the primarycatalyst 42 b is restored to full power and a small downtime (e.g., 53seconds) may be experienced. It should be noted that the downtime periodwill not begin until after restoring power to catalyst 42 b, whenreconvergence of the Spanning Tree Protocol, routing, LECS, LES/BUS andHSRP to the primary catalyst 42 b can be made.

[0064] Next, redundant power supply testing of ATM switches 46 a, 46 bis performed with no downtime period expected. Next, a complete powerfailure of secondary ATM switch 46 a is introduced. No downtime shouldbe experienced since switch 46 a is not in the active path. Power issubsequently restored to ATM switch 46 a.

[0065] Next, cable 1, connecting switch 46 a to “backup” router 49 a isremoved. Because the backup router 49 a is not in the active path, nodowntime is expected. Cable 1 is then restored to its original position.Next, cable 2, connecting ATM switch 46 b with active router 49 b, isremoved. A short recovery period (e.g., 12 seconds) is anticipated asrecovery time. Cable 2 is then reconnected.

[0066] The next fault condition introduced in the procedure is thefailure of the LES/BUS pair for the catalyst switches. First, theLES/BUS pair for secondary catalyst 42 a is disabled; no downtime isexpected. The LES/BUS pair for catalyst 42 a is then re-enabled againwithout any experienced downtime. Next, the LES/BUS pair for the primarycatalyst 42 b is disabled, with a short recovery period (e.g., 35seconds) expected. The recovery time in this instance is anticipated dueto the fact that all LECs have to reconnect to the new LES/BUS pair, andthe Spanning Tree Protocol, HSRP, and EIGRP must all converge onto thesecondary catalyst 42 a. The LES/BUS pair on the primary catalyst 42 bis subsequently re-enabled, resulting in a short recovery period (e.g.,31 seconds) necessary for re-convergence upon primary catalyst 42 b.

[0067] Next, the LECS for the secondary catalyst 42 a is disabledresulting in no expected downtime because the “backup” LECS is not inthe active path. The LECS for secondary catalyst 42 a is then re-enabledwithout any downtime. Next, the LECS for primary catalyst 42 b isdisabled without any downtime being experienced. This is an expectedresponse due to the fact that disabling the primary LECS will onlyprevent new LECs from joining ELANs. Finally, the LECS on the primarycatalyst 42 b are re-enabled without any downtime experienced.Similarly, this is expected since re-enabling the primary LECS will onlyallow new LECs to join ELANs.

[0068] It should be readily apparent that, although only two catalystswitches, two ATM switches and three routers were utilized in theforegoing environment for the sake of simplicity, any number of these orsimilar components may be used in a similar arrangement withoutdeparting from the spirit and scope of the test method of the invention.

[0069] In accordance with another embodiment of the invention, a methodof adding a new customer connection to an existing infrastructure isdiscussed below.

[0070] Before the process of adding new customer connections can beperformed, a number of configuration parameters must first beascertained from the network devices that will accommodate a newcustomer connection. Although any number of parameters may be requireddepending on the infrastructure design, the most common parameters areillustrated herein. The first parameter to be identified is thecustomer's Internet Protocol (IP) prefix; specifically, the IP networknumber and mask to be used on this customer connection. The secondparameter to be identified is the customer's unique connection number; anumber used solely for internal network configuration purposes.Connection numbers are assigned sequentially and begin with the numbertwo. The third parameter to be identified is the customer's ELAN name.Preferably, the name is composed of some number (e.g., 1 to 29) of ASCIIcharacters which include the customer's name (e.g., “Acme 33” for the33rd customer connection onto the infrastructure).

[0071] The fourth parameter to be identified is a unique VLAN numberused to represent the catalyst VLAN assigned to the customer. The numberis preferably consistent with the connection number (i.e., secondparameter, above), however, if a conflict exists, any other uniquenumber may be used. The fifth parameter to be identified is thecustomer's access control lists, to implement the customer's firewallingpolicies. The sixth parameter to be identified is the catalystconnection points. If the customer will be connected to two catalystswitches, a primary and a secondary switch must be identified. Inaddition, the exact switch ports to be used by that customer on eachcatalyst should be identified. It is advisable for each switch toservice the same number of primary customer connections.

[0072] The last parameter to be identified is the router connectionpoints; the routers and slots to be used for active and standby defaultgateways. It should be noted that the active router/slot combination ispreferably attached to the same ATM switch as the active connection fromthe primary catalyst switch (i.e., from sixth parameter above).Similarly, the standby router/slot combination should be attached to thesame ATM switch as the active connection from the secondary catalystswitch. As is true for the catalyst switch, new customer connectionsshould preferably be balanced across available routers such that eachrouter is servicing the same number of primary customer connections.

[0073] After identifying the configuration parameters needed, theprocedure for adding a new customer connection can be commenced. Theprocedure initially requires creating a new VLAN for this new customernetwork on the primary catalyst switch. The appropriate ports to thenewly created VLAN are then assigned. The root bridge for this VLAN mustbe set as the primary catalyst. The primary LES/BUS pair and a LEC onthe ATM LANE module must then be configured.

[0074] Next, a determination needs to be made as to how many catalystswitches the customer will be connected. If the customer will beconnected to two catalyst switches, a new VLAN for this customer networkmust be created on the secondary catalyst switch. The appropriate portsto the newly created VLAN are then assigned. It must then be ensuredthat this secondary catalyst will become the root bridge for this VLANif the primary catalyst fails. The secondary LES/BUS pair and a LEC onthe ATM LANE module are then configured. If the customer will beconnected to only one catalyst switch, a connection is made to thecatalyst switch which will act as a secondary LES/BUS pair for thiscustomer. Since this customer will be connecting to only one catalystswitch, there is no need to configure a VLAN or a port. However, thesecondary LES/BUS pair on the ATM LANE module of the secondary catalystswitch should be configured since the secondary catalyst switch will actas a backup LES/BUS pair. The connection to the ATM LANE module of thecatalyst switch which is acting as the primary LECS is then made.Therefore, an entry needs to be created in the LECS database for the newELAN.

[0075] Whether or not a single or dual connection is made to thecatalyst switch, the procedure then requires that a connection be madeto the ATM LANE module of the catalyst switch which is acting as thesecondary LECS. Connection is then made to the router which will serveas this customer's active router by configuring a named IP extendedaccess list. The ATM sub-interface on the active router must then beconfigured. The EIGRP should then be configured for the new customer onthe active router.

[0076] Connection is then made to the standby router. This requires theconfiguring of a named IP extended access-list which is exactly the sameas the list created in step fourteen. Next, the ATM sub-interface forthe standby router is configured.

[0077] The EIGRP for the standby router is then configured. While theinvention has been described in detail in connection with the best modeof the invention currently known, it should be readily understood thatthe invention is not limited to the specified embodiments describedherein. Rather, the invention can be modified to incorporate any numberof variations, alterations, substitutions or equivalent arrangements notheretofore described, which are commensurate with the spirit and scopeof the invention. For example, only two routers, two ATM switches, andtwo catalyst switches were shown in the FIG. 1a hosting center 210 forsimplicity of discussion. It should be readily apparent that any numberof routers, ATM switches and catalyst switches may be used as necessaryto meet customer requirements. Although specific commercially availablecomponents used to practice the invention have been identified, such asthe Cisco Catalyst 5X00, FORE Systems ASX-200BX, and the Cisco 75X0,substitution of one or more other make or model components that satisfythe minimum structural and/or functional aspects of the invention as setforth herein is contemplated for use in practicing the invention.

[0078] In addition, similarly to the test environment, of FIG. 3, theLANE services operating on the catalyst switches 16 a, 16 b (of FIG. 1a)may instead be run in part or whole on the ATM switches, routers, oreven a stand-alone device such as an off-the-shelf version of thecommercially available ASN 9000 by FORE Systems. The LANE services maybe employed utilizing the off-the-shelf version of the Distributed LANEmulation (DLE) software commercially available and known as“ForeThought 5.0” by FORE Systems.

[0079] Accordingly, the invention is not limited by the foregoingdescription, but is only limited by the scope of the appended claims.

What is claimed as new and desired to be protected by Letters Patent ofthe United States is:
 1. A network interface for use in interfacing asubnetwork to a main network to allow transmission of informationsignals between the subnetwork and the main network, the interfacecomprising: a plurality of interface switches establishing connectionsfor information signals transmitted between the subnetwork and the mainnetwork; first and second routers, each router being independentlycoupled to respective ones of said interface switches, said first andsecond routers determining the interconnecting transmission path forinformation signals to be transmitted between the subnetwork and themain network; and a plurality of permanent virtual circuits (PVCs)defining dedicated logical transmission paths from each of said firstand second routers to each node in the main network through at least oneof said plurality of interface switches.
 2. The network interface asrecited in claim 1, wherein only a single routing hop is performed whentransmitting information signals between a router at an external accesspoint in the main network and one of said first and second routers inthe network interface.
 3. The network interface as recited in claim 2,wherein the main network is an asynchronous transfer mode (ATM) switchednetwork having a plurality of nodes in the form of routers controllingtransmission of the information signals through a plurality of ATMswitches as the information signals are transmitted between thesubnetwork and an external access point of the main network.
 4. Thenetwork interface as recited in claim 3, wherein the ATM switchednetwork is an Internet backbone and the subnetwork is an Ethernet-basedlocal area network (LAN) having a world wide web server.
 5. The networkinterface as recited in claim 4, wherein said plurality of interfaceswitches include at least two ATM switches.
 6. The network interface asrecited in claim 5, wherein the information signals are data signals inthe form of digital packets.
 7. The network interface as recited inclaim 4, further comprising a plurality of edge devices, each edgedevice being coupled to the subnetwork, said edge devices performing aLAN-to-ATM conversion function to permit applications to runtransparently on the subnetwork over the ATM switched network.
 8. Thenetwork interface as recited in claim 7, wherein said plurality of edgedevices include at least two catalyst switches.
 9. The network interfaceas recited in claim 2, wherein said first router processes, as an activerouter, a first portion of the information signals representingapproximately one half of the information signals handled by the networkinterface, and said first router processes, as a stand-by router, asecond portion of the information signals representing a remainder ofthe information signals not processed by said first router; and whereinsaid first router, as a stand-by router, only processes the secondportion of the information signals if said second router fails.
 10. Thenetwork interface as recited in claim 9, wherein said second routerprocesses, as an active router, the second portion of the informationsignals representing a remainder of the information signals notprocessed by said second router, and said second router processes, as astand-by router, the first portion of the information signals handled bythe network interface, wherein said second router, as a stand-by router,only processes the first portion of the information signals if saidfirst router fails.
 11. The network interface as recited in claim 2,wherein if one of said interface switches fails, both said first andsecond routers determine the interconnecting transmission path forsubsequent information signals using PVCs that bypass the failedinterface switch.
 12. The network interface as recited in claim 2,further comprising: a dual-ring fiber distributed data interface (FDDI)fiber optic network transmitting peripheral information signals betweena peripheral subnetwork and the main network; third and fourth routersdesignating transmission paths through said FDDI network in transitbetween the peripheral subnetwork and the main network; and at least oneextension router controlling interconnection of said interface switchesand said FDDI network.
 13. A resilient interface architecturecomprising: at least two interface switches providing connectivitybetween a subnetwork and a main network, wherein, if one of saidswitches fails, the connectivity otherwise provided by the failedinterface switch is provided by another one of said interface switches;and at least two interface routers, each interface router individuallycoupled to at least one interface switch, said interface routersselecting a transmission path between the subnetwork and the mainnetwork through said interface switches, wherein, if one of saidinterface routers fails, the selection of transmission paths otherwiseprovided by the failed interface router is provided by another one ofsaid interface routers.
 14. The resilient interface architecture ofclaim 13, further comprising at least two network communication linkstransporting information signals between the interface architecture andthe main network, wherein, if one of said network communication linksfails, another one of the network communication links transports theinformation signals that would otherwise be transported by the failedcommunication link.
 15. The resilient interface architecture of claim14, wherein said network communication links include two opticalconnection communication links.
 16. The resilient interface,architecture of claim 14, further comprising: a plurality of peripheralnetwork communication links transporting peripheral information signalsbetween a peripheral subnetwork and the main network; a dual-ring fiberdistributed data interface (FDDI) fiber optic network transporting theperipheral information signals between the peripheral subnetwork and themain network; at least two FDDI routers designating transmission pathsfor the peripheral information signals through said FDDI network intransit between the peripheral subnetwork and the main network; and atleast two extension routers controlling interconnection of saidinterface switches and said FDDI network.
 17. The resilient interfacearchitecture of claim 16, wherein, if said at least two networkcommunication links fail, said interface routers select transmissionpaths through said peripheral communications links and said FDDI networkto transport information signals between the subnetwork and the mainnetwork.
 18. The resilient interface architecture of claim 13, furthercomprising a plurality of permanent virtual circuits (PVCs) definingdedicated logical transmission paths from each of said interface routersto each node in the main network through at least one of said interfaceswitches.
 19. The resilient interface architecture of claim 18, whereineach node of the main network is a signal router designatingtransmission paths for information signals transported through the mainnetwork; and wherein each of said interface routers are fully meshedwith the signal routers in the main network.
 20. The resilient interfacearchitecture of claim 13, wherein the subnetwork is a server local areanetwork, the main network is an asynchronous transfer mode (ATM)switched network, and the information signals are streaming audio andvideo signals.
 21. A high resiliency network infrastructure for use inhosting information services on the Internet, the network infrastructurecomprising: an Internet backbone transporting Internet data betweenInternet access points; the Internet backbone comprising: a plurality offirst physical links upon which the Internet data traverses saidInternet backbone on route between Internet access points; a pluralityof first asynchronous transfer mode (ATM) switches, connectingrespective ones of said first physical links, directing the Internetdata from one of said first physical links to another of said firstphysical links on route between Internet access points; and a pluralityof Internet routers, each coupled to at least one of said first ATMswitches, selecting data paths composed of ones of said first physicallinks and said first ATM switches upon which the Internet data traversesacross said Internet backbone; a hosting network based on an open systeminterconnect (OSI) stack protocol, for transporting Internet databetween an access point on said Internet backbone and a customersubnetwork, which provides redundancy at a physical interface layer, adata link layer, and a network layer of the OSI stack protocol, saidhosting network comprising: a plurality of mutually redundant secondphysical links upon which the Internet data traverses said hostingnetwork on route between an Internet access point and the customersubnetwork; a plurality of mutually redundant second ATM switches,connecting respective ones of said second physical links, directing theInternet data from one of said second physical links to another of saidsecond physical links on route between an Internet access point and thecustomer subnetwork; and a plurality of mutually redundant hostingrouters, each coupled to at least one of said second ATM switches,selecting data paths composed of ones of said second physical links andsaid second ATM switches upon which the Internet data traverses acrosssaid hosting network, wherein each of said hosting routers is fullymeshed with said Internet routers.
 22. The high resiliency networkinfrastructure recited in claim 21, wherein: said plurality of mutuallyredundant second physical links includes at least two optical fibercommunication links transporting information signals between saidhosting network and said Internet backbone, wherein, if one of saidoptical fiber communication links fails, another one of the opticalfiber communication links transports the information signals that wouldotherwise be transported by the failed optical fiber communication link;said plurality of mutually redundant second ATM switches includes atleast two ATM interface switches providing connectivity between acustomer subnetwork and said Internet backbone, wherein, if one of saidATM interface switches fails, the connectivity otherwise provided by thefailed ATM interface switch is provided by another one of said ATMinterface switches; and said plurality of mutually redundant hostingrouters includes at least two interface routers, each interface routerindividually coupled to at least one ATM interface switch, saidinterface routers selecting a transmission path between the customersubnetwork and the Internet backbone through said ATM interfaceswitches, wherein, if one of said interface routers fails, the selectionof transmission paths otherwise provided by the failed interface routeris provided by another one of said interface routers.
 23. The highresiliency network infrastructure recited in claim 21, furthercomprising: a plurality of permanent virtual circuits (PVCs) definingdedicated logical transmission paths from each of said hosting routersto each Internet router in said Internet backbone through at least oneof said plurality of first ATM switches; and wherein only a singlerouting hop is performed when transporting information signals betweenone of said Internet routers at an external access point in saidInternet backbone and one of said hosting routers in said hostingnetwork.
 24. A method of interfacing a subnetwork to a main network toallow transmission of information signals between the subnetwork and themain network, the method comprising the steps of: establishingconnections with a plurality of interface switches for transportinginformation signals between the subnetwork and the main network;independently coupling to each of the interface switches first andsecond routers; determining the interconnecting transmission path forinformation signals to be transported between the subnetwork and themain network; and defining dedicated logical transmission paths fromeach of the first and second routers to each node in the main networkthrough at least one of the plurality of interface switches.
 25. Themethod as recited in claim 24, further comprising the step of performingonly a single routing hop when transmitting information signals betweena router at an external access point in the main network and one of thefirst and second routers, and wherein the dedicated logical transmissionpaths defined in said defining step are made of permanent virtualcircuits (PVCs).
 26. The method as recited in claim 25, wherein the mainnetwork is an asynchronous transfer mode (ATM) switched network having aplurality of nodes in the form of routers, the method further comprisingthe step of controlling transmission of the information signals througha plurality of ATM switches as the information signals are transmittedbetween the subnetwork and an external access point of the main network.27. The method as recited in claim 26, wherein the ATM switched networkis an Internet backbone and the subnetwork is a Token Ring-based localarea network (LAN) having a ftp file access server.
 28. The method asrecited in claim 27, further comprising the step of performing aLAN-to-ATM conversion function to permit applications to runtransparently on the subnetwork over the ATM switched network.
 29. Themethod as recited in claim 25, further comprising the steps of: usingthe first router as an active router, processing a first portion of theinformation signals representing approximately one half of theinformation signals transported between the subnetwork and the mainnetwork; using the first router as a stand-by router, monitoring asecond portion of the information signals representing a remainder ofthe information signals not processed by the first router; and if thesecond router fails, processing, using the first router as an activerouter, the second portion of the information signals.
 30. The method asrecited in claim 29, further comprising the steps of: using the secondrouter as an active router, processing the second portion of theinformation signals transported between the subnetwork and the mainnetwork; using the second router as a stand-by router, monitoring thefirst portion of the information signals representing a remainder of theinformation signals not processed by the second router; and if the firstrouter fails, processing, using the second router as an active router,the first portion of the information signals.
 31. The method as recitedin claim 25, further comprising the step of, if one of the interfaceswitches fails, determining the interconnecting transmission path forsubsequent information signals using PVCs that bypass the failedinterface switch.
 32. The method as recited in claim 25, furthercomprising the steps of: transmitting peripheral information signalsbetween a peripheral subnetwork and the main network using a dual-ringfiber distributed data interface (FDDI) fiber optic network; designatingtransmission paths through the FDDI network in transit between theperipheral subnetwork and the main network using third and fourthrouters; and controlling interconnection of the interface switches andthe FDDI network using at least one extension router.
 33. A resilientinterface method: providing connectivity between a subnetwork and a mainnetwork with at least two interface switches; providing if one of theswitches fails, the connectivity otherwise provided by the failedinterface switch by another one of the interface switches; individuallycoupling to at least one interface switch at least two interfacerouters; and selecting a transmission path between the subnetwork andthe main network through the interface switches, wherein, if one of theinterface routers fails, the selection of transmission paths otherwiseprovided by the failed interface router is provided by another one ofthe interface routers.
 34. The resilient interface method as recited inclaim 33, further comprising the steps of: transporting informationsignals between the subnetwork and the main network using at least twonetwork communication links; and transporting, if one of the networkcommunication links fails, the information signals that would otherwisebe transported by the failed communication link.
 35. The resilientinterface method as recited in 34, wherein the network communicationlinks include two optical connection communication links.
 36. Theresilient interface method of claim 34, further comprising: transportingperipheral information signals using a plurality of peripheral networkcommunication links between a peripheral subnetwork and the mainnetwork; transporting the peripheral information signals between theperipheral subnetwork and the main network using a dual-ring fiberdistributed data interface (FDDI) fiber optic network; designatingtransmission paths using at least two FDDI routers for the peripheralinformation signals through the FDDI network in transit between theperipheral subnetwork and the main network; and controllinginterconnection of the interface switches and the FDDI network using atleast two extension routers.
 37. The resilient interface method asrecited in claim 33, further comprising the step of defining dedicatedlogical transmission paths from each of the interface routers to eachnode in the main network through at least one of the interface switchesusing a plurality of permanent virtual circuits (PVCs).
 38. Theresilient interface method as recited in 37, further comprising thesteps of: designating transmission paths for information signalstransported through the main network, wherein each node of the mainnetwork is a signal router; and fully meshing each of the interfacerouters with the signal routers in the main network.
 39. A method ofverifying the operation of a network interface which interfaces asubnetwork and a main network comprising the steps of: providing a testenvironment for verifying the operation of the network interface;transmitting a test signal from a first location simulating acommunication between the subnetwork and main network; receiving thetest signal at a second location; introducing at least one faultcondition into the test environment; and observing an effect upon thetransmitted test signal as a result of introducing the fault into thetest environment.
 40. The method as recited in claim 39, wherein saidproviding step further comprises: providing a main network; providing asubnetwork; providing a plurality of interface switches and a pluralityof interface routers; and using the plurality of interface switches andthe plurality of interface routers to interface from said subnetwork tosaid main network.
 41. The method as recited in claim 40, wherein saidmain network is an asynchronous transfer mode (ATM) switched network.42. The method as recited in claim 41, wherein said main network iscomprised of at least one ATM switched Emulated Local Area Network(ELAN) running LAN Emulation (LANE) services.
 43. The method as recitedin claim 40, wherein the subnetwork includes at least one customerconnection.
 44. The method as recited in claim 40, wherein the pluralityof interface switches and routers includes a plurality of edge devices.45. The method as recited in claim 44, wherein the plurality of edgedevices includes at least two catalyst switches.
 46. The method asrecited in claim 40, wherein the plurality of interface switchesincludes at least two ATM switches.
 47. The method as recited in claim40, wherein the plurality of interface routers includes at least tworouters.
 48. The method as recited in claim 40, wherein said using stepfurther requires selecting a LANE protocol to provide redundant LANEservices from an optimum location within said test environment.
 49. Themethod as recited in claim 48, wherein the selected LANE protocol isSimple Server Redundancy Protocol (SSRP).
 50. The method as recited inclaim 48, wherein the LANE protocol is run on the plurality of catalystswitches.
 51. The method as recited in claim 40, wherein said using stepfurther requires coupling each of said routers to at least one of saidATM switches and, wherein, said using step further requires couplingeach of said ATM switches to each of said edge devices, said edgedevices performing a LAN-to-ATM conversion function to permitapplications to run transparently on said subnetwork over the ATMswitched network.
 52. The method as recited in claim 39, wherein saidsimulating step includes establishing at least one ELAN and configuringat least one LANE client for each ELAN.
 53. The method as recited inclaim 39, wherein said fault condition affects a switch.
 54. The methodas recited in claim 39, wherein said fault condition affects a router.55. A method of verifying the operation of a resilient interfacearchitecture, said architecture comprising at least two interfaceswitches providing connectivity between a subnetwork and a main network,wherein, if one of said switches fails, the connectivity otherwiseprovided by the failed interface switch is provided by another of saidinterface switches, said architecture also comprising at least twointerface routers, each interface router individually coupled to atleast one of said interface switches, said interface routers selecting atransmission path between said subnetwork and said main network throughsaid interface switches, wherein, if one of said interface routersfails, the selection of transmission paths otherwise provided by thefailed interface router is provided by another one of said interfacerouters, the method comprising the steps of: providing a testenvironment which comprises a subnetwork, said subnetwork comprising atleast one customer connection, said subnetwork being coupled to at leasttwo edge devices, said edge devices comprising at least two mutuallyredundant catalyst switches, said edge devices being coupled to at leasttwo mutually redundant ATM switches, said ATM switches coupled to atleast two mutually redundant interface routers, said routers coupled toan ATM switched main network; simulating an actual loaded environment;transmitting a test signal from a first location within said testenvironment, said test signal being received, after a time delay, at asecond location within said test environment; introducing a plurality offault conditions into said test environment, said fault conditionsoccurring one at a time, wherein a currently occurring fault iscorrected before a next fault is introduced into said test environment;and observing and recording an effect, on the time delay, uponintroducing said fault conditions into said test environment, andobserving and recording an effect, on the time delay, upon correctingeach of said fault conditions before introducing a next fault conditionof said plurality of fault conditions.
 56. The method as recited inclaim 55, wherein the mutually redundant catalyst switches provideconnectivity between the subnetwork and the main network, wherein, ifone of said catalyst switches fails, the test signal which wouldotherwise pass through the failed switch is passed through another oneof said catalyst switches.
 57. The method as recited in claim 55,wherein the mutually redundant ATM switches provide connectivity betweenthe catalyst switches and the interface routers, wherein, if one of saidATM switches fails, the test signal which would otherwise pass throughthe failed ATM switch is passed through another of said ATM switches.58. The method as recited in claim 55, wherein the mutually redundantrouters provide connectivity between the ATM switches and the backbone,wherein, if one of said interface routers fails, the test signal whichwould otherwise pass through the failed interface router is passedthrough another one of said interface routers.
 59. The method as recitedin claim 55, wherein the subnetwork is a server local area network. 60.The method as recited in claim 55, wherein the main network is an ATMswitched network.
 61. The method as recited in claim 59, wherein thesubnetwork is further comprised of a plurality of single connectedcustomer networks and a plurality of double connected customer networks.62. The method as recited in claim 59, wherein the subnetwork is furthercomprised of at least one single connected customer network.
 63. Themethod as recited in claim 59, wherein the subnetwork is furthercomprised of at least one double connected customer network.
 64. Themethod as recited in claim 55, wherein the fault condition is theremoval of an interface within said test environment.
 65. The method asrecited in claim 55, wherein the fault condition is the disabling of asupervisor module.
 66. The method as recited in claim 55, wherein thefault condition is a power failure.
 67. The method as recited in claim55, wherein the fault condition is the disabling of a LES/BUS pair or aLECS of a device.
 68. A method of verifying the operation of a highresiliency network infrastructure for use in hosting informationservices on the Internet, said network infrastructure containing anInternet backbone, and a hosting network based upon an open systeminterconnect (OSI) stack protocol for transporting Internet data betweenan access point on said Internet backbone and a customer subnetwork,which provides redundancy at a physical interface layer, a data linklayer, and a network layer of the OSI stack protocol, said Internetbackbone containing a plurality of first physical links upon which theInternet data traverses said Internet backbone on route between Internetaccess points, and also containing a plurality of first asynchronoustransfer mode (ATM) switches connecting respective ones of said physicallinks, directing the Internet data from one of said first physicallinks, to another of said first physical links on route between Internetaccess points, and also containing a plurality of Internet routers, eachcoupled to at least one of said ATM switches, selecting data pathscomposed of ones of said first physical links and said first ATMswitches upon which the Internet data traverses across said Internetbackbone, said hosting network containing a plurality of mutuallyredundant second physical links which includes at least two opticalfiber communication links transporting information signals between saidhosting network and said Internet backbone, wherein, if one of saidoptical fiber communication links fails, another one of the opticalfiber communication links transports the information signals that wouldotherwise be transported by the failed optical fiber communication link,said hosting network also containing a plurality of mutually redundantsecond ATM switches which include at least two ATM interface switchesproviding connectivity between a customer subnetwork and said Internetbackbone, wherein, if one of said ATM interface switches fails, theconnectivity otherwise provided by the failed ATM interface switch isprovided by another one of said ATM interface switches, and alsocontaining a plurality of mutually redundant hosting routers whichinclude at least two interface routers, each interface routerindividually coupled to at least one ATM interface switch, saidinterface routers selecting a transmission path between the customersubnetwork and the Internet backbone through said ATM interfaceswitches, wherein, if one of said interface routers fails, the selectionof transmission paths otherwise provided by the failed interface routeris provided by another one of said interface routers, said networkinfrastructure also containing a plurality of permanent virtual circuits(PVCs) defining dedicated logical transmission paths from each of saidhosting routers to each Internet router in said Internet backbonethrough at least one of said plurality of first ATM switches, andwherein, only a single routing hop is performed when transportinginformation signals between one of said Internet routers at an externalaccess point in said Internet backbone and one of said, hosting routersin said hosting network, said method comprising the steps of: providinga test environment to simulate customer connections, said testenvironment comprising a subnetwork level comprising a plurality ofcustomer networks coupled to a catalyst switch level, said catalystswitch level comprising a plurality of catalyst switches coupled to anATM switch level, said ATM switch level comprising a plurality of ATMswitches coupled to a border router level, said border router levelcomprising a plurality of border routers coupled to an internal backbonelevel; simulating actual load demands within said test environment byestablishing a plurality of Emulated Local Area Networks (ELANs), eachof said ELANs being coupled with a plurality of LAN Emulation clients,and establishing an Internet Protocol (IP) address for each of saidELANs; transmitting a test signal from a first location within said testenvironment, said test signal being received, after a time delay, at asecond location within said test environment; introducing a series offault conditions into said test environment, said fault conditionsoccurring one at a time, wherein a currently-occurring fault conditionis corrected before a next fault condition is introduced into aid testenvironment, and, wherein, said fault conditions comprise the removal ofan interface, the removal of a supervisor module within a device,disabling a LES/BUS pair on a device, disabling LECS on a device, andtotal or partial power failure of a device within said test environment;and observing and recording an effect, on said time delay, uponintroducing said fault condition into said test environment, andobserving and recording an effect, on said time delay, upon correctingsaid fault condition before introducing next fault condition in saidseries of fault conditions.
 69. The method as recited in claim 68,wherein said plurality of customer networks comprise a plurality ofsingle connected customer networks and a plurality of double connectedcustomer networks.
 70. The method as recited in claim 69, whereinprovisions are made to ensure transmission between a first of saidplurality of customer networks and a second of said plurality ofcustomer networks is routed through the backbone and not a third of saidplurality of customer networks.
 71. The method as recited in claim 68,wherein said subnetwork level comprises at least one customer network.72. The method as recited in claim 68, wherein said plurality ofcatalyst switches includes at least one primary catalyst and at leastone secondary catalyst, said primary and secondary catalyst switchesbeing mutually redundant, wherein if one of said catalyst switchesfails, another one of the catalyst switches transports said test signalthat would otherwise be transported by the failed catalyst switch. 73.The method as recited in claim 68, wherein said plurality of ATMswitches includes at least one primary ATM switch and at least onesecondary ATM switch, said primary and secondary ATM switches beingmutually redundant, wherein if one of said ATM switches fails, anotherone of the ATM switches transports said test signal that would otherwisebe transported by the failed ATM switch.
 74. The method as recited inclaim 68, wherein said plurality of border routers includes at least oneprimary router and at least one secondary router, said primary andsecondary routers being mutually redundant, wherein if one of saidborder routers fails, another one of the border routers will transportthe test signal that would otherwise be transported by the failedrouter.
 75. The method as recited in claim 74, wherein said borderrouters employ Hot Standby Routing Protocol (HSRP) and, wherein, saidrouters employ a shortest exit protocol.
 76. The method as recited inclaim 68, wherein said internal backbone is comprised of InternetProtocol (IP) subnetworks of fully meshed ATM PVCs.
 77. The method asrecited in claim 68, wherein said internal backbone is comprised of aplurality of ATM switched networks consisting of a plurality of ATMswitched ELANs, each of said ELANs running LANE protocol.
 78. The methodas recited in claim 68, wherein each of said plurality of ELANs arecoupled to ethernet ports of each of said plurality of catalystswitches.
 79. The method as recited in claim 68, wherein at least one ofsaid ELANs is coupled to the ethernet port of at least one of saidcatalyst switches.
 80. The method as recited in claim 78, wherein atleast one of said ELANs is coupled to the ethernet ports, via anethernet hub, of at least two of said plurality of catalyst switches.81. The method as recited in claim 78, wherein at least one of saidELANs is coupled to a processor-based system.
 82. The method as recitedin claim 68, wherein said test signal is transmitted from aprocessor-based device.
 83. The method as recited in claim 82, whereinthe processor-based device is coupled to a primary ATM switch via aborder router, and, wherein, a switch bridges a backbone ELAN and anethernet port of the border router.
 84. The method as recited in claim68, wherein the removed interface couples an ethernet hub to a primarycatalyst switch.
 85. The method as recited in claim 68, wherein theremoved interface couples an ethernet hub to a secondary catalystswitch.
 86. The method as recited in claim 68, wherein the removedinterface couples a secondary catalyst switch to a primary ATM switch.87. The method as recited in claim 68, wherein the removed interfacecouples a primary catalyst switch to a secondary ATM switch.
 88. Themethod as recited in claim 68, wherein the removed interface couples aprimary catalyst switch to a primary ATM switch.
 89. The method asrecited in claim 68, wherein the removed interface couples a secondaryATM switch to a secondary border router.
 90. The method as recited inclaim 68, wherein the removed interface couples a primary ATM switch toa primary border router.
 91. The method as recited in claim 68, whereinthe supervisor module within said primary catalyst switch is removed.92. The method as recited in claim 68, wherein the power failure occurswithin a catalyst switch.
 93. The method as recited in claim 68, whereinthe disabling of the LES/BUS pair occurs within a catalyst switch. 94.The method as recited in claim 68, wherein the disabling of the LECSoccurs within a catalyst switch.
 95. A method of adding a customer to anetwork infrastructure, the method comprising the steps of: identifyinga plurality of configuration parameters; creating a new Virtual LocalArea Network (VLAN); configuring at least one catalyst switch and atleast two routers; and connecting the new customer to the networkinfrastructure.
 96. The method as recited in claim 95, wherein saididentifying step further comprises: identifying an Internet Protocol(IP) prefix; identifying a connection number; identifying an EmulatedLocal Area Network (ELAN) name; identifying a Virtual Local Area Network(VLAN) number; acquiring access control lists; identifying catalystconnection points; and identifying router connection points.
 97. Themethod as recited in claim 95, wherein said creating step furthercomprises creating a VLAN on each catalyst switch in the networkinfrastructure to which said added customer will be connected.
 98. Themethod as recited in claim 95, wherein said connecting step furthercomprises connecting the customer to one primary catalyst switch and onesecondary catalyst switch.
 99. The method as recited in claim 95,wherein said connecting step further comprises connecting the customerto one primary router and one secondary router.
 100. A method of addinga customer to a high resiliency network infrastructure for use inhosting information services on the Internet, said networkinfrastructure containing an Internet backbone, and a hosting networkbased upon an open system interconnect (OSI) stack protocol fortransporting Internet data between an access point on said Internetbackbone and a customer subnetwork, which provides redundancy at aphysical interface layer, a data link layer, and a network layer of theOSI stack protocol, said Internet backbone containing a plurality offirst physical links upon which Internet data traverses said Internetbackbone on route between Internet access points, and also containing aplurality of first asynchronous transfer mode (ATM) switches connectingrespective ones of said physical links, directing the Internet data fromone of said first physical links, to another of said first physicallinks on route between Internet access points, and also containing aplurality of Internet routers, each coupled to at least one of said ATMswitches, selecting data paths composed of ones of said first physicallinks and said first ATM switches upon which the Internet data traversesacross said Internet backbone, said hosting network containing aplurality of mutually redundant second physical links which includes atleast two optical fiber communication links transporting informationsignals between said hosting network and said Internet backbone,wherein, if one of said optical fiber communication links fails, anotherone of the optical fiber communication links transports the informationsignals that would,otherwise be transported by the failed optical fibercommunication link, said hosting network also containing a plurality ofmutually redundant second ATM switches which include at least two ATMinterface switches providing connectivity between a customer subnetworkand said Internet backbone, wherein, if one of said ATM interfaceswitches fails, the connectivity otherwise provided by the failed ATMinterface switch is provided by another one of said ATM interfaceswitches, and also containing a plurality of mutually redundant hostingrouters which include at least two interface routers, each interfacerouter individually coupled to at least one ATM interface switch, saidinterface routers selecting a transmission path between the customersubnetwork and the Internet backbone through said ATM interfaceswitches, wherein, if one of said interface routers fails, the selectionof transmission paths otherwise provided by the failed interface routeris provided by another one of said interface routers, said networkinfrastructure also containing a plurality of permanent virtual circuits(PVCs) defining dedicated logical transmission paths from each of saidhosting routers to each Internet router in said Internet backbonethrough at least one of said plurality of first ATM switches, andwherein, only a single routing hop is performed when transportinginformation signals between one of said Internet routers at an externalaccess point in said Internet backbone and one of said hosting routersin said hosting network, the method comprising the steps of: compiling aplurality of configuration parameters, said parameters comprising anInternet Protocol (IP) prefix, a connection number, an Emulated LocalAre Network (ELAN) name, a Virtual Local Area Network (VLAN) number, anaccess control list, a plurality of catalyst connection points, and aplurality of router connection points; creating a new VLAN on eachcatalyst switch to which said added customer will connect; configuringat least one catalyst switch and at least two routers; and connectingthe customer to at least one catalyst switch and to at least tworouters.
 101. The method as recited in claim 100, wherein said creatingstep requires connection to one catalyst switch.
 102. The method asrecited in claim 101, wherein appropriate ports of the catalyst switchare assigned to the VLAN.
 103. The method as recited in claim 101,wherein provisions are made to ensure the catalyst switch will be a rootbridge for the VLAN.
 104. The method as recited in claim 101, wherein aprimary LES/BUS pair and a LEC on an ATM LANE module for the catalystswitch are configured.
 105. The method as recited in claim 100, whereinsaid creating step requires connection to two catalyst switches. 106.The method as recited in claim 105, wherein appropriate ports of bothcatalyst switches are assigned to both VLANs.
 107. The method as recitedin claim 105, wherein provisions are made to ensure that a primarycatalyst to which a first VLAN is connected is a root bridge, and asecondary catalyst to which a second VLAN is connected is a root bridgeif the primary catalyst fails.
 108. The method as recited in claim 105,wherein a primary and secondary LES/BUS pair and a primary and secondaryLEC on an ATM LANE module of a primary catalyst and a secondary catalystare configured.
 109. The method as recited in claims 100 and 105,wherein said connecting step further comprises: connecting to an ATMLANE module of a primary catalyst switch which acts as a primary LECS;creating an entry in the LECS database for a new ELAN; connecting to anATM LANE module of a secondary catalyst switch which acts as a secondaryLECS; updating the LECS database with exactly the same configurationinformation as in the primary LECS; connecting to an active router; andconnecting to a standby router.
 110. The method as recited in claim 109,wherein said connecting to an active router step further comprises thesubsteps of: configuring a named IP extended access list; configuring anATM sub-interface; and configuring EIGRP.
 111. The method as recited inclaim 109, wherein said connecting to a standby router step furthercomprises the substeps of: configuring a named IP extended access listwhich is identical to that used to configure said active router;configuring an ATM sub-interface; and configuring EIGRP.